https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
r887: Removing all the annoying calls to intval() in place of ISSO's cleaning framework
[bugdar.git] / admin / usergroup.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright ©2002-[#]year[#] Iris Studios, Inc.
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 require_once('./global.php');
23 require_once('./includes/functions_datastore.php');
24
25 if (!can_perform('canadmingroups'))
26 {
27 admin_login();
28 }
29
30 // ###################################################################
31 // define permissions as groups
32
33 $permissions = array(
34 $lang->string('General Permissions') => array(
35 'canviewbugs' => $lang->string('Can View Bugs'),
36 'canviewhidden' => $lang->string('Can View Hidden Bugs and Comments'),
37 'cansearch' => $lang->string('Can Search Bugs'),
38 'cansubscribe' => $lang->string('Can Subscribe to Bugs'),
39 'canbeassignedto' => $lang->string('Can Be Assigned Bugs')
40 ),
41
42 $lang->string('Posting/Submitting Permissions') => array(
43 'canvote' => $lang->string('Can Vote on Polls'),
44 'cansubmitbugs' => $lang->string('Can Submit Bugs'),
45 'canpostcomments' => $lang->string('Can Post Comments'),
46 'cangetattach' => $lang->string('Can View Attachments'),
47 'canputattach' => $lang->string('Can Upload/Edit Own Attachments'),
48 'caneditattach' => $lang->string('Can Manage All Attachments')
49 ),
50
51 $lang->string('Moderation/Managment Permissions') => array(
52 'caneditown' => $lang->string('Can Edit Own Bugs'),
53 'caneditother' => $lang->string('Can Edit Others\' Bugs'),
54 'caneditownreply' => $lang->string('Can Edit Own Comments'),
55 'caneditotherreply' => $lang->string('Can Edit Others\' Comments'),
56 'canassign' => $lang->string('Can Assign Bugs'),
57 'canchangestatus' => $lang->string('Can Change Status')
58 ),
59
60 $lang->string('Administrator Permissions') => array(
61 'canadminpanel' => $lang->string('Can Access Control Panel'),
62 'canadminbugs' => $lang->string('Can Administer Bug Reports'),
63 'canadminfields' => $lang->string('Can Administer Additional Bug Fields'),
64 'canadminversions' => $lang->string('Can Administer Products / Components / Versions'),
65 'canadminusers' => $lang->string('Can Administer Users'),
66 'canadmingroups' => $lang->string('Can Administer Usergroups'),
67 'canadmintools' => $lang->string('Can Administer Settings / Maintenance Tools')
68 )
69 );
70
71 // ###################################################################
72
73 if (empty($_REQUEST['do']))
74 {
75 $_REQUEST['do'] = 'modify';
76 }
77
78 // ###################################################################
79
80 if ($_REQUEST['do'] == 'kill')
81 {
82 $bugsys->input_clean('usergroupid', TYPE_UINT);
83 if ($bugsys->in['usergroupid'] < 7)
84 {
85 $admin->error($lang->string('You can\'t delete a default usergroup.'));
86 }
87
88 $db->query("DELETE FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . $bugsys->in['usergroupid']);
89 $db->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = 2 WHERE usergroupid = " . $bugsys->in['usergroupid']);
90
91 build_usergroups();
92 build_assignedto();
93
94 $admin->redirect('usergroup.php?do=modify');
95 }
96
97 // ###################################################################
98
99 if ($_REQUEST['do'] == 'delete')
100 {
101 if ($bugsys->in['usergroupid'] < 7)
102 {
103 $admin->error($lang->string('You can\'t delete a default usergroup.'));
104 }
105
106 $admin->page_confirm($lang->string('Are you sure you want to delete this usergroup? All users in this group will be set back to the default registered usergroup (id: 2).'), 'usergroup.php?do=kill&amp;usergroupid=' . $bugsys->in['usergroupid']);
107 }
108
109 // ###################################################################
110
111 if ($_REQUEST['do'] == 'add' OR $_REQUEST['do'] == 'edit')
112 {
113 $add = (($_REQUEST['do'] == 'add') ? true : false);
114 $edit = (($_REQUEST['do'] == 'edit') ? true : false);
115
116 $admin->page_start(($add ? $lang->string('New Usergroup') : $lang->string('Edit Usergroup')));
117
118 $admin->form_start('usergroup.php', ($add ? 'insert' : 'update'));
119
120 if ($edit)
121 {
122 $usergroup = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . $bugsys->in['usergroupid']);
123 if (!is_array($usergroup))
124 {
125 $admin->error($lang->getlex('error_invalid_id'));
126 }
127
128 $admin->form_hidden_field('usergroupid', $usergroup['usergroupid']);
129 }
130 else
131 {
132 $usergroup['permissions'] = 319;
133 }
134
135 // Details
136 $admin->table_start();
137 $admin->table_head($lang->string('Usergroup Details'), 2, 'usergroups');
138 $admin->row_input($lang->string('Usergroup Title'), 'title', $bugsys->sanitize($usergroup['title']));
139 $admin->row_input($lang->string('Display Title<div><dfn>This is the title that others will be able to see when comments are posted.</dfn></div>'), 'displaytitle', $bugsys->sanitize($usergroup['displaytitle']));
140 $admin->table_end();
141
142 // Permission
143 $admin->table_start();
144
145 $admin->table_head($lang->string('Permission Settings'), 2, 'usergroups');
146
147 foreach ($permissions AS $group => $settings)
148 {
149 $admin->row_span($group, 'thead', 'center');
150 foreach ($settings AS $setting => $name)
151 {
152 $admin->row_yesno($name, "perm[$setting]", ($usergroup['permissions'] & $_PERMISSION["$setting"]));
153 }
154 }
155
156 $admin->table_end();
157
158 // custom field permissions
159 $admin->table_start();
160 $admin->table_head($lang->string('Custom Field Permissions'), 2, 'usergroups');
161
162 if ($edit)
163 {
164 $perms = $db->query("SELECT fieldid, mask FROM " . TABLE_PREFIX . "bugfieldpermission WHERE usergroupid = $usergroup[usergroupid]");
165 while ($perm = $db->fetch_array($perms))
166 {
167 $permissions["$perm[fieldid]"] = $perm['mask'];
168 }
169 }
170
171 $fields = $db->query("SELECT fieldid, name FROM " . TABLE_PREFIX . "bugfield ORDER BY fieldid");
172 while ($field = $db->fetch_array($fields))
173 {
174 unset($listitem);
175 $admin->list_item($lang->string('No Permission'), 0, $permissions["$field[fieldid]"] == 0);
176 $admin->list_item($lang->string('Can View Field'), 1, $permissions["$field[fieldid]"] == 1);
177 $admin->list_item($lang->string('Can View, Edit Field'), 2, $permissions["$field[fieldid]"] == 2);
178 $admin->row_list($field['name'], "custom[$field[fieldid]]");
179 }
180
181 $admin->table_end();
182
183 // Submit
184 $admin->table_start();
185 $admin->row_submit();
186 $admin->table_end();
187
188 $admin->form_end();
189
190 $admin->page_end();
191 }
192
193 // ###################################################################
194
195 if ($_POST['do'] == 'insert')
196 {
197 foreach ($_POST['perm'] AS $permtitle => $binaryswitch)
198 {
199 $permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch;
200 }
201
202 $db->query("
203 INSERT INTO " . TABLE_PREFIX . "usergroup
204 (title, displaytitle, permissions)
205 VALUES
206 ('" . $bugsys->in['title'] . "', '" . $bugsys->in['displaytitle'] . "',
207 $permissionvalue
208 )"
209 );
210
211 $ugroupid = $db->insert_id();
212
213 build_usergroups();
214
215 $bugsys->input_clean('custom', TYPE_UINT);
216 foreach ($bugsys->in['custom'] AS $fieldid => $mask)
217 {
218 $values[] = "$ugroupid, " . $bugsys->clean($fieldid, TYPE_UINT) . ", " . $mask;
219 }
220
221 if (is_array($values))
222 {
223 $db->query("
224 INSERT INTO " . TABLE_PREFIX . "bugfieldpermission
225 (usergroupid, fieldid, mask)
226 VALUES
227 (" . implode("\n\t\t\t", $values) . "
228 )"
229 );
230 }
231
232 $admin->redirect('usergroup.php?do=modify');
233 }
234
235 // ###################################################################
236
237 if ($_POST['do'] == 'update')
238 {
239 $bugsys->input_clean_array(array(
240 'perm' => TYPE_UINT,
241 'usergroupid' => TYPE_UINT,
242 'custom' => TYPE_UINT
243 ));
244 foreach ($_POST['perm'] AS $permtitle => $binaryswitch)
245 {
246 $permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch;
247 }
248
249 $db->query("
250 UPDATE " . TABLE_PREFIX . "usergroup
251 SET title = '" . $bugsys->in['title'] . "',
252 displaytitle = '" . $bugsys->in['displaytitle'] . "',
253 permissions = $permissionvalue
254 WHERE usergroupid = " . $bugsys->in['usergroupid']
255 );
256
257 build_usergroups();
258 build_assignedto();
259
260 $ugroupid = $bugsys->in['usergroupid'];
261 foreach ($bugsys->in['custom'] AS $fieldid => $mask)
262 {
263 $values[] = "$ugroupid, " . $bugsys->clean($fieldid, TYPE_UINT) . ", " . $mask;
264 }
265
266 if (is_array($values))
267 {
268 $db->query("
269 REPLACE INTO " . TABLE_PREFIX . "bugfieldpermission
270 (usergroupid, fieldid, mask)
271 VALUES
272 (" . implode("),\n\t\t\t(", $values) . ")"
273 );
274 }
275
276
277 $admin->redirect('usergroup.php?do=modify');
278 }
279
280 // ###################################################################
281
282 if ($_REQUEST['do'] == 'modify')
283 {
284 $admin->page_start($lang->string('Usergroup Manager'));
285
286 $admin->form_start('usergroup.php', 'null');
287 $admin->table_start();
288 $admin->table_head($lang->string('Usergroup Manager'), 3, 'usergroups');
289
290 $groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
291 while ($group = $db->fetch_array($groups))
292 {
293 $usergroups["$group[usergroupid]"] = $group;
294 }
295 $db->free_result($groups);
296
297 $groups = $db->query("
298 SELECT COUNT(user.userid) AS total, user.usergroupid
299 FROM " . TABLE_PREFIX . "user AS user
300 LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup USING (usergroupid)
301 GROUP BY usergroup.usergroupid
302 ORDER BY usergroup.usergroupid"
303 );
304 while ($group = $db->fetch_array($groups))
305 {
306 $usergroups["$group[usergroupid]"]['total'] = $group['total'];
307 }
308
309 $admin->table_column_head(array($lang->string('Usergroup'), $lang->string('Number of Users'), $lang->string('Action')));
310 foreach ($usergroups AS $group)
311 {
312 $admin->row_multi_item(array("<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">$group[title]</a>" => 'l', ((!$group['total']) ? '-' : $group['total']) => 'c', "<a href=\"usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]\">[" . $lang->string('Edit') . "]</a>" . (($group['usergroupid'] > 6) ? "<a href=\"usergroup.php?do=delete&amp;usergroupid=$group[usergroupid]\">[" . $lang->string('Delete') . "]</a>" : '') => 'c'));
313 }
314
315 $admin->row_span('<a href="usergroup.php?do=add">[' . $lang->string('Add New Usergroup') . ']</a>', 'tfoot', 'center', 3);
316 $admin->table_end();
317 $admin->form_end();
318
319 $admin->page_end();
320 }
321
322 /*=====================================================================*\
323 || ###################################################################
324 || # $HeadURL$
325 || # $Id$
326 || ###################################################################
327 \*=====================================================================*/
328 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.